Separating YouTube "Restricted Mode" from "Enforce Safe Search" option in XG Firewall would allow much more flexibility for customers.
YouTube "Restricted Mode" is currently just too “restricted” (not usable) and customers should have possibility to turn it on or off without impact on SafeSearch.
On the other side, SafeSearch is very useful feature that customers would probably have always on.97 votesStarted · AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) responded
This feature is included in the upcoming v17.5 release (v17.2 was renamed).
Create New web category and application category for only Microsoft office 365 and Google business to make it easier to allow it directly without the need to create it manually18 votes
Can you add Top Bandwidth Users and Top Bandwidth Destinations to the dashboard or someplace easy to access?38 votes
Can you please add the ability to block based on keywords. This feature is extremely useful when attempting to sell to a school or charity, or any organization.
This feature is available in SG UTM.14 votes
As what I observe during our POC on client. They want to allow the specific channel of their own youtube account and block other sites. Other competitors of Sophos don't have any features also on to this.
Purpose: users can access only their channel videos on youtube
Thank you in advance Sophos Team!14 votes
In Batch scanning mode under Web>protection you don't see any Progress like with UTM.
Please add this feature!28 votes
Please add guest access menu on captive portal like UTM 95 votes
Bring back the captive portal session timeout like UTM 9, in XG if closing the window after login is the same as logout.15 votes
it's not possible to create an exception on Pharming protection (Web --> Protection --> Advanced Settings).
The default enabled function let you "Protect users against pharming and other domain name poisoning attacks by repeating DNS lookups before connecting."
We were unable to get a vpn tool called "SSL network extender" working (to support a customer). The solution was to disable the Pharming protection completely.54 votes
Currently the web proxy allows you to access anything the Sophos can access. This means is you have multiple segments of trusted and untrusted traffic on the same XG that both the trusted and untrusted devices can access the content of each network using the proxy.
Please make an option where hosts and subnets can be denied for specific filter rules.4 votes
Being able to fully customize the user notifications (displayed to the user when browsing blocked or warned pages, for example (PROTECT --> Web --> User Notifications --> Message for Warn Action )) is desirable, e.g for purposes of translating the pages. The possibility to use templates with variables would be greatly appreciated.35 votes
The ability to be able to use regular expressions to match URLs in the Web Policy, not just in Web Exceptions.
This was possible with SG UTM.43 votes
IETF standard. Used by real-time comms on webpages.
DESPERATELY needed. HTTPS Decrypt and Scan basically kills it. Please fix!43 votes
It appears that currently QUIC traffic (UDP port 80/443) are not categorized by the web filter. Users seem to be able to access YouTube and other Google sites without any of their traffic being inspected.28 votes
DLP works quite well on Email but it is time to implement it even on Web. I would like to be able to know what my users are uploading to Cloud, DropBox and Webmail and decide to stop and log or log only. Also VPN client should be able to talk with XG and scan what users download from the company to their pc and block unauthorized content.15 votes
The idea requested from client all the time form previes UTM firmware. Now XG has arrived with strong User and web singnature, I hope this feature is in your plan.
Ideally, we should permit users to open a webmail (like Gmail.com or other public webmail or event Facebook, Dropbox, Onedrive, Google Drive)
but i don't want to permit to attach file/upload file in a new mail on the webmail. In this way i can block a possible disclosure of corporate data. Thanks ---------- (BTZ shared this idea · October 16, 2013)26 votes
UTM allows us to configure different web profiles where different device-specific authentication can be set.
This is very useful in environment where BYOD is required and more than one profile is needed.
So inherit from UTM.62 votes
I believe this is related to an existing suggestion:
UTM customers are able to get around Netflix streaming issues using the workaround detailed here: https://www.sophos.com/support/knowledgebase/121646.aspx
This involves creating an exception for traffic based on its User Agent. There is no option to do this when configuring exceptions in XG as far as I can tell.7 votes
Define multiple upstream HTTP proxies.
Define URL-based policies to determine which proxy should be used, or whether traffic should go direct.
Each proxy may require authentication.32 votes
- Don't see your idea?